SAML2 Authentication does not work over Azure
search cancel

SAML2 Authentication does not work over Azure

book

Article ID: 210482

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

One of the following errors comes up when trying to use SAML 2.0 Authentication with MS AZURE based AD:

AADSTS900235: SAML authentication request's RequestedAuthenticationContext Comparison value must be 'exact'. Received value: 'Minimum'.

or

AADSTS750052: SAMLRequest or SAMLResponse must be present in body of HTTP request for SAML POST binding.

Environment

Release : 12.3+

Component : AUTOMATION.ENGINE

Cause

Azure Requirement: https://docs.microsoft.com/en-us/answers/questions/69360/aadsts900236-the-saml-authentication-request-prope.html

Resolution

As of v21.0.4, it is supported but due to Azure's requirement, the AuthnContextComparison needs to be changed to 'exact' otherwise the default (minimum) is used.

In our documentation, under Setting up Single Sign-On - SAML, follow the instruction in the section called Using SAML with Azure Active Directory (AD).